$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142831.roa File: AS142831.roa (raw, json) Hash identifier: HKplsqFjvRtS5XsF/LnCgFtvE1owc3pdkiCCEg29wO8= Subject key identifier: EB:2A:FB:C8:6B:F6:49:28:8D:AA:ED:A6:52:C6:31:B5:88:95:DD:85 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6A8770F890D9253899382EFCD86E9008C31CAEC9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142831.roa Signing time: Wed 04 Mar 2026 06:05:54 +0000 ROA not before: Wed 04 Mar 2026 06:00:54 +0000 ROA not after: Wed 03 Mar 2027 06:05:54 +0000 asID: 142831 IP address blocks: 240a:a0b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:87:70:f8:90:d9:25:38:99:38:2e:fc:d8:6e:90:08:c3:1c:ae:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:54 2026 GMT Not After : Mar 3 06:05:54 2027 GMT Subject: CN=EB2AFBC86BF649288DAAEDA652C631B58895DD85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:31:2c:13:82:be:1a:53:74:ba:a9:38:57:98: 3a:c0:c4:50:f8:5e:6a:3b:6a:e6:92:d6:23:41:f4: 84:b5:76:d7:b8:b6:19:2a:db:7e:6d:4e:5a:8f:8b: 02:8d:f6:98:d1:f2:f8:68:5d:9f:ba:d1:54:82:4d: c2:87:42:47:4e:f2:0d:27:db:c3:81:a7:f2:36:9b: 8d:22:5c:37:c8:a9:91:87:8d:41:3b:0f:b3:a6:be: 68:b9:25:ca:57:69:ae:11:ef:dd:c1:08:4b:61:9a: ba:08:46:42:c4:c2:9a:99:12:0e:ea:bd:f5:03:cc: 7b:7f:3b:f7:9d:dc:97:61:d1:66:45:f1:70:0b:d3: 01:ae:e0:95:51:a9:01:d0:9f:54:61:da:89:12:d4: e6:60:1b:c8:08:50:d0:09:d5:2a:3f:c3:24:cb:3e: 3d:57:d8:7b:95:34:b0:7f:a5:98:e6:36:85:c1:13: 75:81:08:c6:74:b7:ab:79:ce:a6:bf:11:92:aa:7d: 30:cd:b6:7f:ed:4d:df:39:a6:be:08:6b:14:e0:ee: 11:2b:f7:53:2a:84:f1:26:62:5a:44:75:e7:8c:68: 06:b7:2f:54:b5:ae:74:f0:b1:a5:32:68:3a:85:14: c0:b2:14:f3:41:99:2d:de:5a:73:5a:b3:84:92:79: c9:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:2A:FB:C8:6B:F6:49:28:8D:AA:ED:A6:52:C6:31:B5:88:95:DD:85 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142831.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0b5::/32 Signature Algorithm: sha256WithRSAEncryption 6d:ef:d5:d7:61:a5:6a:b6:f9:5c:9f:5a:75:33:fb:42:56:3a: f0:e4:38:e1:51:08:4b:2f:c9:e6:9b:0b:18:51:b1:a2:f5:a5: b5:54:07:36:85:cf:8a:52:3c:45:c6:69:bc:c7:5f:f4:f2:d9: fe:81:76:e8:22:dc:4e:58:65:3c:b0:e2:c4:38:f7:65:26:9d: 63:8d:70:e6:56:df:2f:88:5b:1d:d3:07:05:47:13:e6:fb:78: c7:79:68:a9:fb:82:0d:6b:32:9c:70:cd:ed:63:f6:49:ba:39: 21:14:97:72:be:c9:4f:b1:9e:94:bb:00:51:19:9d:1e:17:a7: 64:c3:3a:f7:41:b6:e0:75:2e:4f:ba:41:32:13:26:6e:31:89: f1:e7:ba:4e:cc:4e:43:4c:85:50:29:b9:9c:8e:22:1b:ff:0d: 71:ad:6b:8a:10:1d:fa:b5:3d:cf:c7:7c:22:67:0f:1e:73:2a: 31:27:c6:1b:50:85:0f:e4:bd:0e:ec:ec:ca:c7:1e:e0:f9:36: 32:21:63:e6:4b:00:b5:5c:ba:a6:b0:d3:52:58:e1:20:51:fe: db:cb:f9:c4:8c:b0:27:85:fe:46:ef:6b:99:60:8c:b3:7a:b2: 3e:e9:a7:e8:14:70:52:75:d4:68:66:23:4a:3b:1d:f0:a6:55: 48:1c:5a:d7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaodw+JDZJTiZOC782G6QCMMcrskwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1NFoX DTI3MDMwMzA2MDU1NFowMzExMC8GA1UEAxMoRUIyQUZCQzg2QkY2NDkyODhEQUFF REE2NTJDNjMxQjU4ODk1REQ4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwxLBOCvhpTdLqpOFeYOsDEUPheajtq5pLWI0H0hLV217i2GSrbfm1OWo+L Ao32mNHy+Ghdn7rRVIJNwodCR07yDSfbw4Gn8jabjSJcN8ipkYeNQTsPs6a+aLkl yldprhHv3cEIS2GaughGQsTCmpkSDuq99QPMe387953cl2HRZkXxcAvTAa7glVGp AdCfVGHaiRLU5mAbyAhQ0AnVKj/DJMs+PVfYe5U0sH+lmOY2hcETdYEIxnS3q3nO pr8Rkqp9MM22f+1N3zmmvghrFODuESv3UyqE8SZiWkR154xoBrcvVLWudPCxpTJo OoUUwLIU80GZLd5ac1qzhJJ5yZ8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTrKvvI a/ZJKI2q7aZSxjG1iJXdhTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oLUwDQYJKoZIhvcNAQELBQADggEBAG3v1ddhpWq2+VyfWnUz+0JWOvDkOOFRCEsv yeabCxhRsaL1pbVUBzaFz4pSPEXGabzHX/Ty2f6Bdugi3E5YZTyw4sQ492UmnWON cOZW3y+IWx3TBwVHE+b7eMd5aKn7gg1rMpxwze1j9km6OSEUl3K+yU+xnpS7AFEZ nR4Xp2TDOvdBtuB1Lk+6QTITJm4xifHnuk7MTkNMhVApuZyOIhv/DXGta4oQHfq1 Pc/HfCJnDx5zKjEnxhtQhQ/kvQ7s7MrHHuD5NjIhY+ZLALVcuqaw01JY4SBR/tvL +cSMsCeF/kbva5lgjLN6sj7pp+gUcFJ11GhmI0o7HfCmVUgcWtc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:25 2026 by rpki-client